Cyber Security Manager

Cyber Security On Site Manager - INSIDE IR35 - Up to £700 per day - SC CLEARED - 8 Months - SINGLE STAGE PROCESS - NEWPORT, SOUTH WALES

Yolk Recruitment are recruiting for a Cyber Security On Site Manager for our client based in South Wales on an initial deal spanning the next 6 months.

The Site Security Manager will be responsible for the following:

• Attend a monthly Security Review meeting, led by the Clients Security Team to review service performance, recent IT incidents, trends in support calls, service improvement opportunities of the SOC service,

• Ensure the on-site Security Manager pro-actively provides documented recommendations that mitigate identified risks to Client This will also include providing on-going advice on application architecture, technology selection, methodologies and tools, applications design and implementation relating to any system, software, process, routine, or data in terms of creation, development, manipulation, enhancement, and replacement. The on-site Security Manager is expected to proactively recommend technology and service improvements to drive down costs and gain efficiencies.

• Reviews all change. This includes all project designs, as well as new or enhanced services, such as Business as Usual (BAU) change. It is the responsibility of the on-site Security Manager to review the changes and approve or deny change from a security perspective, based on Client’s security requirements and industry Best Practice.

• Provides assistance to Client’s Cyber Security Team in developing business cases and implementation plans for deployment of new technologies, or modification of existing technologies. The on-site Security Manager is expected to be able to advise on strategic direction of the service.

• Provide a service that ensures risk assessments are undertaken on projects to identify threats and weaknesses in the IT and OT environments and submit reports to Client’s Cyber management. The on-site Security Manager must be aware and knowledgeable with regards to security best-practice and regulations, including ISO27001, ISA62443, PCI compliance, GDPR and the NIST Cyber Security Framework.

• Provide support/expertise to the ISTP with their six-month review of firewall rules, as well as the review of all firewall changes to ensure they do not increase the risk profile of Client..

• Be required to provide advice and recommendations to the Client’s Water Cyber Security resources in the creation of, planning, execution, and implementation of Information Security or Operational Technology related initiatives/ projects/ programmes. This may include advice on improvements to processes, methodologies, architecture, technologies and tools, system configuration or other activities to mitigate security risks to Client.

Skills & Experience Required

• Intrusion Detection and Prevention Service (IDPS).

• Advanced Persistent Threat protection (APT).

• E-mail sandbox technology.

• Management of the Public Key Infrastructure (PKI) infrastructure.

• Vulnerability Scanning and remediation.

• Real-time metrics portal, as well as monthly and ad-hoc reporting.

• Threat Intelligence.

• Forensic capability.